Exploiting XXE via image file upload
upload a svg file
intercept the request
send it to repeater
find a svg xxe payload
paste it in
view the svg with hostname
submit the hostname
PreviousLab: Exploiting XXE using external entities to retrieve filesNextLab: Exploiting XInclude to retrieve files
Last updated